X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-core%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fserver%2FJettyServiceStarter.java;h=1256c6014171d9c42cc60d7cec874789c6643806;hb=a174f8ddbc5eb78a648fb68b33ef18cb64d81fda;hp=a0dafed1967b6f209c003f6a3d4acc1c267e2df5;hpb=4b5a7d721d994a49057e9bfb403c7bff1b376660;p=aaf%2Fauthz.git diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java index a0dafed1..1256c601 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java @@ -45,18 +45,16 @@ import org.eclipse.jetty.server.handler.AbstractHandler; import org.eclipse.jetty.util.ssl.SslContextFactory; import org.onap.aaf.auth.org.OrganizationException; import org.onap.aaf.auth.rserv.RServlet; +import org.onap.aaf.cadi.Access.Level; import org.onap.aaf.cadi.CadiException; import org.onap.aaf.cadi.LocatorException; -import org.onap.aaf.cadi.Access.Level; import org.onap.aaf.cadi.config.Config; -import org.onap.aaf.cadi.config.SecurityInfo; import org.onap.aaf.misc.env.Trans; import org.onap.aaf.misc.env.util.Split; import org.onap.aaf.misc.rosetta.env.RosettaEnv; public class JettyServiceStarter extends AbsServiceStarter { - private boolean secure; public JettyServiceStarter(final AbsService service) throws OrganizationException { 
@@ -73,24 +71,6 @@ public class JettyServiceStarter ex return this; } -// @Override -// public void _propertyAdjustment() { -// Properties props = access().getProperties(); -// Object temp = null; -// // Critical - if no Security Protocols set, then set it. We'll just get messed up if not -// if((temp=props.get(Config.CADI_PROTOCOLS))==null) { -// if((temp=props.get(Config.HTTPS_PROTOCOLS))==null) { -// props.put(Config.CADI_PROTOCOLS, SecurityInfo.HTTPS_PROTOCOLS_DEFAULT); -// } else { -// props.put(Config.CADI_PROTOCOLS, temp); -// } -// } -// -// if("1.7".equals(System.getProperty("java.specification.version"))) { -// System.setProperty(Config.HTTPS_CIPHER_SUITES, Config.HTTPS_CIPHER_SUITES_DEFAULT); -// } -// System.setProperty(Config.HTTPS_CIPHER_SUITES, temp.toString()); -// } @Override public void _propertyAdjustment() { @@ -98,15 +78,15 @@ public class JettyServiceStarter ex Properties props = access().getProperties(); Object httpproto = null; // Critical - if no Security Protocols set, then set it. We'll just get messed up if not - if((httpproto=props.get(Config.CADI_PROTOCOLS))==null) { - if((httpproto=props.get(Config.HTTPS_PROTOCOLS))==null) { - props.put(Config.CADI_PROTOCOLS, (httpproto=SecurityInfo.HTTPS_PROTOCOLS_DEFAULT)); + if ((httpproto=props.get(Config.CADI_PROTOCOLS))==null) { + if ((httpproto=props.get(Config.HTTPS_PROTOCOLS))==null) { + props.put(Config.CADI_PROTOCOLS, (httpproto=Config.HTTPS_PROTOCOLS_DEFAULT)); } else { props.put(Config.CADI_PROTOCOLS, httpproto); } } - if("1.7".equals(System.getProperty("java.specification.version")) && (httpproto==null || (httpproto instanceof String && ((String)httpproto).contains("TLSv1.2")))) { + if ("1.7".equals(System.getProperty("java.specification.version")) && (httpproto==null || (httpproto instanceof String && ((String)httpproto).contains("TLSv1.2")))) { System.setProperty(Config.HTTPS_CIPHER_SUITES, Config.HTTPS_CIPHER_SUITES_DEFAULT); } } 
@@ -114,7 +94,7 @@ public class JettyServiceStarter ex @Override public void _start(RServlet rserv) throws Exception { String hostname = access().getProperty(Config.HOSTNAME, null); - if(hostname==null) { + if (hostname==null) { hostname = Inet4Address.getLocalHost().getHostName(); } final int port = Integer.parseInt(access().getProperty("port","0")); @@ -124,14 +104,15 @@ public class JettyServiceStarter ex ServerConnector conn; String protocol; - if(!secure || keystore==null) { + if (!secure || keystore==null) { conn = new ServerConnector(server); protocol = "http"; } else { protocol = "https"; + String keystorePassword = access().getProperty(Config.CADI_KEYSTORE_PASSWORD, null); - if(keystorePassword==null) { + if (keystorePassword==null) { throw new CadiException("No Keystore Password configured for " + keystore); } SslContextFactory sslContextFactory = new SslContextFactory(); 
@@ -142,16 +123,18 @@ public class JettyServiceStarter ex temp=null; // don't leave lying around String truststore = access().getProperty(Config.CADI_TRUSTSTORE, null); - if(truststore!=null) { + if (truststore!=null) { String truststorePassword = access().getProperty(Config.CADI_TRUSTSTORE_PASSWORD, null); - if(truststorePassword==null) { + if (truststorePassword==null) { throw new CadiException("No Truststore Password configured for " + truststore); } sslContextFactory.setTrustStorePath(truststore); - sslContextFactory.setTrustStorePassword(access().decrypt(truststorePassword, true)); + sslContextFactory.setTrustStorePassword(access().decrypt(truststorePassword, false)); } // Be able to accept only certain protocols, i.e. TLSv1.1+ - final String[] protocols = Split.splitTrim(',', access().getProperty(Config.CADI_PROTOCOLS, SecurityInfo.HTTPS_PROTOCOLS_DEFAULT)); + String subprotocols = access().getProperty(Config.CADI_PROTOCOLS, Config.HTTPS_PROTOCOLS_DEFAULT); + service.setSubprotocol(subprotocols); + final String[] protocols = Split.splitTrim(',', subprotocols); sslContextFactory.setIncludeProtocols(protocols); // Want to use Client Certificates, if they exist. @@ -163,7 +146,7 @@ public class JettyServiceStarter ex // sslContextFactory.setEnableCRLDP(false); // sslContextFactory.setEnableOCSP(false); String certAlias = access().getProperty(Config.CADI_ALIAS, null); - if(certAlias!=null) { + if (certAlias!=null) { sslContextFactory.setCertAlias(certAlias); } @@ -178,6 +161,8 @@ public class JettyServiceStarter ex new HttpConnectionFactory(httpConfig) ); } + service.setProtocol(protocol); + // Setup JMX // TODO trying to figure out how to set up/log ports 
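Review bot: The second argument of `access().decrypt(truststorePassword, ...)` flips from `true` to `false` in the truststore branch with no comment saying what the flag controls, and its definition is not visible in this diff. If `false` means that only values carrying an encryption marker are decrypted (an assumption to confirm against `Access.decrypt`), a plaintext `Config.CADI_TRUSTSTORE_PASSWORD` value would now be handed to Jetty unchanged instead of being rejected, which quietly relaxes how the secret must be stored. Once the semantics are confirmed I would add a comment such as `// false: decrypt only values marked as encrypted; anything else is used as-is`, and check that the keystore password call just above `temp=null` (outside this hunk) uses the same setting. The enclosing `_start` method begins and ends outside the hunk.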
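Review bot: `service.setProtocol(protocol)` records whatever the connector setup chose, and the branch earlier in `_start` (`if (!secure || keystore==null)`) selects plain `http` whenever no keystore is configured, even when `secure` is set. Nothing visible logs that fallback, so a missing keystore property yields a cleartext listener that is then reported as the service protocol. Consider a guard before this call, for example `if (secure && "http".equals(protocol)) access().printf(Level.INIT, "No keystore configured; %s is serving plain http", service.app_name);`, or fail startup if cleartext is never intended. `_start` begins and ends outside this hunk.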
@@ -216,11 +201,11 @@ public class JettyServiceStarter ex ); try { - access().printf(Level.INIT, "Starting service on %s:%d (%s)",hostname,port,InetAddress.getLocalHost().getHostAddress()); + access().printf(Level.INIT, "Starting service on %s:%d (%s)",hostname,port,InetAddress.getByName(hostname).getHostAddress()); server.start(); access().log(Level.INIT,server.dump()); } catch (Exception e) { - access().log(e,"Error starting " + service.app_name); + access().log(e,"Error starting " + hostname + ':' + port + ' ' + InetAddress.getLocalHost().getHostAddress()); String doExit = access().getProperty("cadi_exitOnFailure", "true"); if (doExit == "true") { System.exit(1); @@ -229,10 +214,15 @@ public class JettyServiceStarter ex } } try { - register(service.registrants(port)); + String no_register = env().getProperty("aaf_no_register",null); + if(no_register==null) { + register(service.registrants(port)); + } else { + access().printf(Level.INIT,"'aaf_no_register' is set. %s will not be registered with Locator", service.app_name); + } access().printf(Level.INIT, "Starting Jetty Service for %s, version %s, on %s://%s:%d", service.app_name,service.app_version,protocol,hostname,port); - server.join(); - } catch(Exception e) { + //server.join(); + } catch (Exception e) { access().log(e,"Error registering " + service.app_name); String doExit = access().getProperty("cadi_exitOnFailure", "true"); if (doExit == "true") { @@ -246,7 +236,7 @@ public class JettyServiceStarter ex private FilterChain buildFilterChain(final AbsService as, final FilterChain doLast) throws CadiException, LocatorException { Filter[] filters = as.filters(); FilterChain fc = doLast; - for(int i=filters.length-1;i>=0;--i) { + for (int i=filters.length-1;i>=0;--i) { fc = new FCImpl(filters[i],fc); } return fc;
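Review bot: The new catch-block message calls `InetAddress.getLocalHost().getHostAddress()`, which can itself throw `UnknownHostException`; that would escape the handler, so the original startup exception `e` is never logged and the `cadi_exitOnFailure` handling below it is skipped. The same kind of lookup was added inside the try block, where a failing `InetAddress.getByName(hostname)` aborts startup before `server.start()` only to fill in a log field. Resolve the address once before the `try`, fall back to a fixed string when resolution fails, and reuse that value in both messages. Separately, `if (doExit == "true")` in this handler and in the registration handler of the next hunk compares references, so a `true` read from configuration may not match; `"true".equals(doExit)` is the safe form.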
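Review bot: Registration is skipped whenever `aaf_no_register` has any non-null value, so `aaf_no_register=false` also disables it; `if (!Boolean.parseBoolean(no_register))` would match what an operator is likely to expect. The property is read through `env().getProperty` while every other setting in this method uses `access().getProperty`, and if the two do not share a source (not visible here) the flag may not be picked up from the usual configuration. `//server.join();` leaves commented-out code behind and makes `_start` return right after the "Starting Jetty Service" message; delete the line and add a comment naming the caller that is now responsible for joining the server thread. The enclosing method starts and ends outside this hunk.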